Kubernetes : Install Kubeadm2025/11/21

Install Kubeadm to Configure Multi Nodes Kubernetes Cluster.

This example is based on the environment like follows.

For System requirements, each Node has unique Hostname, MAC address, Product_uuid.
MAC address and Product_uuid are generally already unique one if you installed OS on physical machine or virtual machine with common procedure.
You can see Product_uuid with the command [dmidecode -s system-uuid].

Furthermore, it based on the environment Firewalld is disabled.

-----------+---------------------------+--------------------------+------------
           |                           |                          |
       eth0|10.0.0.30              eth0|10.0.0.51             eth0|10.0.0.52
+----------+-----------+   +-----------+----------+   +-----------+----------+
|   [ dlp.srv.world ]  |   | [ node01.srv.world ] |   | [ node02.srv.world ] |
|     Control Plane    |   |      Worker Node     |   |      Worker Node     |
+----------------------+   +----------------------+   +----------------------+

[1]	On all Nodes, Change settings for System requirements.

[root@dlp ~]#

cat > /etc/sysctl.d/99-k8s-cri.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables=1
EOF

[root@dlp ~]#

sysctl --system

# set Swap off setting

[root@dlp ~]#

swapoff -a

[root@dlp ~]#

touch /etc/systemd/zram-generator.conf

# disable [firewalld]

[root@dlp ~]#

systemctl disable --now firewalld

[2]	On all Nodes, Install required packages. This example shows to use CRI-O for container runtime.

[root@dlp ~]#

dnf -y install cri-o1.34 crun

[root@dlp ~]#

systemctl enable --now crio

[root@dlp ~]#

cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo

[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.34/rpm/
enabled=0
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.34/rpm/repodata/repomd.xml.key
EOF

[root@dlp ~]#

dnf --enablerepo=kubernetes -y install kubeadm kubelet kubectl cri-tools iproute-tc container-selinux

[root@dlp ~]#

systemctl enable kubelet

[3]	On all Nodes, if SELinux is enabled, change policy.

[root@dlp ~]#

vi k8s.te

# create new

module k8s 1.0;

require {
        type cgroup_t;
        type iptables_t;
        class dir ioctl;
}

#============= iptables_t ==============
allow iptables_t cgroup_t:dir ioctl;

[root@dlp ~]#

checkmodule -m -M -o k8s.mod k8s.te

[root@dlp ~]#

semodule_package --outfile k8s.pp --module k8s.mod

[root@dlp ~]#

semodule -i k8s.pp

Matched Content